Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS39521.roa
File: AS39521.roa (raw, json)
Hash identifier: BpL8fQZ0qfXqvy0Bg3+VBGhBVmv1kMg72TgtUvwkMhw=
Subject key identifier: E9:F6:55:31:34:9C:9B:74:5C:B7:48:C7:81:BF:D4:E3:70:15:55:9F
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 2715303691673E7F62E605BE147F5D1918EB3F89
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS39521.roa
Signing time: Tue 12 May 2026 11:12:52 +0000
ROA not before: Tue 12 May 2026 11:07:52 +0000
ROA not after: Tue 11 May 2027 11:12:52 +0000
asID: 39521
IP address blocks: 212.107.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:15:30:36:91:67:3e:7f:62:e6:05:be:14:7f:5d:19:18:eb:3f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: May 12 11:07:52 2026 GMT
Not After : May 11 11:12:52 2027 GMT
Subject: CN=E9F65531349C9B745CB748C781BFD4E37015559F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:18:10:44:0e:d1:4b:07:e4:63:0c:af:c9:61:
b9:df:00:21:09:1f:8a:70:dd:12:0b:5c:e3:83:99:
42:64:ae:21:4a:44:03:d5:44:70:fd:88:87:00:d6:
bb:2e:e4:24:27:0a:79:ec:df:34:47:52:82:43:b2:
10:bf:d7:47:93:f8:49:5e:1f:19:b2:c2:2e:b9:39:
f9:86:1e:36:91:68:8e:93:d2:2a:73:4e:7d:a4:44:
17:02:00:2f:b7:c2:5a:45:19:d5:a5:40:ce:fe:22:
0d:a7:8e:24:73:0f:c1:70:ec:3f:19:5f:f1:ee:02:
a5:5b:24:4a:80:40:1d:54:58:98:b8:9b:a3:71:76:
a0:e5:1e:57:6e:88:2d:8f:0f:f4:6d:95:b5:20:49:
c3:c5:72:d4:4a:71:f0:b4:8a:82:2b:11:c6:0d:8f:
41:64:7f:5a:01:d8:50:8d:ab:9d:a3:e9:4b:14:cb:
39:1d:92:24:8d:a4:d5:ac:46:ce:c1:e9:22:46:f2:
95:17:59:6e:7a:7a:ab:67:bc:13:2f:1b:14:fe:8b:
41:ea:40:a6:3d:fa:15:ac:c9:65:0b:33:24:5f:2b:
a3:35:9d:6f:f3:8f:08:8f:d9:09:33:ab:8a:13:f7:
58:3b:94:2f:ba:aa:b9:48:4e:d1:d5:bf:44:21:63:
b5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F6:55:31:34:9C:9B:74:5C:B7:48:C7:81:BF:D4:E3:70:15:55:9F
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS39521.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
59:f5:94:6b:95:ff:89:58:f9:fc:5e:3b:ef:15:38:83:1b:7c:
2b:16:d1:99:c4:2d:a2:46:3c:00:66:6d:50:2e:9f:3c:06:a5:
14:31:81:49:49:c6:ad:e4:ca:83:ef:44:41:4b:58:24:b3:4f:
fa:63:65:3c:fb:55:7f:d8:a6:c6:01:94:c0:c5:a3:99:9e:49:
d0:78:9b:e4:fa:07:71:e8:1a:0f:f6:00:39:4f:17:99:47:3e:
3f:b0:8f:79:cc:23:e6:7f:e4:9d:5f:57:95:3d:6b:ab:9f:46:
5f:b3:e2:14:2c:8e:60:46:58:63:b2:3a:41:44:ec:a0:5e:b7:
7c:02:e0:f1:89:9a:37:af:86:66:04:98:6d:79:19:59:c4:d3:
a2:37:da:73:89:09:c3:05:ee:ef:9f:02:4b:f5:71:e5:cb:0d:
12:f0:d5:a5:dc:4a:74:ad:bf:0c:0d:cb:0b:83:ea:e9:3a:e0:
72:c9:df:78:9a:44:c5:e8:9a:c2:c8:8a:77:ee:de:f4:6d:44:
55:a4:11:35:69:97:8c:c0:ec:21:c9:be:d9:1d:dd:f7:30:b5:
bd:4e:f6:9a:6d:e3:91:6a:c6:ec:3e:44:10:f4:e8:00:6f:65:
e4:26:ab:08:74:78:ba:07:89:24:60:b6:dd:87:8d:67:4f:cf:
47:a1:5c:46
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUJxUwNpFnPn9i5gW+FH9dGRjrP4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA1MTIxMTA3NTJaFw0yNzA1MTExMTEyNTJaMDMxMTAvBgNV
BAMTKEU5RjY1NTMxMzQ5QzlCNzQ1Q0I3NDhDNzgxQkZENEUzNzAxNTU1OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPGBBEDtFLB+RjDK/JYbnfACEJ
H4pw3RILXOODmUJkriFKRAPVRHD9iIcA1rsu5CQnCnns3zRHUoJDshC/10eT+Ele
Hxmywi65OfmGHjaRaI6T0ipzTn2kRBcCAC+3wlpFGdWlQM7+Ig2njiRzD8Fw7D8Z
X/HuAqVbJEqAQB1UWJi4m6NxdqDlHlduiC2PD/RtlbUgScPFctRKcfC0ioIrEcYN
j0Fkf1oB2FCNq52j6UsUyzkdkiSNpNWsRs7B6SJG8pUXWW56eqtnvBMvGxT+i0Hq
QKY9+hWsyWULMyRfK6M1nW/zjwiP2Qkzq4oT91g7lC+6qrlITtHVv0QhY7VNAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU6fZVMTScm3Rct0jHgb/U43AVVZ8wHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALUawQw
DQYJKoZIhvcNAQELBQADggEBAFn1lGuV/4lY+fxeO+8VOIMbfCsW0ZnELaJGPABm
bVAunzwGpRQxgUlJxq3kyoPvREFLWCSzT/pjZTz7VX/YpsYBlMDFo5meSdB4m+T6
B3HoGg/2ADlPF5lHPj+wj3nMI+Z/5J1fV5U9a6ufRl+z4hQsjmBGWGOyOkFE7KBe
t3wC4PGJmjevhmYEmG15GVnE06I32nOJCcMF7u+fAkv1ceXLDRLw1aXcSnStvwwN
ywuD6uk64HLJ33iaRMXomsLIinfu3vRtRFWkETVpl4zA7CHJvtkd3fcwtb1O9ppt
45Fqxuw+RBD06ABvZeQmqwh0eLoHiSRgtt2HjWdPz0ehXEY=
-----END CERTIFICATE-----
Generated at Wed May 13 02:45:12 2026 by rpki-client